The US Department of Justice has unsealed charged against three North Korean computer programmers it says conspired to steal and extort more than $1.3 billion in cash and cryptocurrency.
Jon Chang Hyok, Kim Il, and Park Jin Hyok were members of North Korean military intelligence agency called the Reconnaissance General Bureau which carried out criminal hacking, says the DoJ.
The men are accused of participating in the 2017 WannaCry 2.0 global ransomware attack, the 2016 Bangladesh Bank theft, and the 2014 hit on Sony Pictures Entertainment, among others.
The Bangladesh Bank attack, which saw hackers use the Swift messaging system to convince the Federal Reserve Bank of New York to transfer $81 million from the victim's account to accounts they controlled in the Philippines.
The DoJ alleges that the group attempted to and did gain access to several other banks - including in Vietnam, the Philippines, Africa and Southeast Asia - from 2015 through 2018 using similar methods and “watering hole attacks,” attempting the theft of at least $1.2 billion.
Elsewhere, the North Koreans are accused of thefts through ATM cash-out schemes, including the October 2018 theft of $6.1 million from BankIslami.
Meanwhile, hundreds of cryptocurrency companies were targeted by the group, with tens of millions of dollars stolen, including $75 million from a Slovenian cryptocurrency company in December 2017, $24.9 million from an Indonesian firm in September 2018; and $11.8 million from a New York outfit in 2020.
The hackers are also accused of developing multiple malicious cryptocurrency applications in order to get a backdoor into victims’ computers.
In a second case unsealed today, a Canadian-American citizen has agreed to plead guilty in a money laundering scheme and admitted to being a "high-level" launderer for some of the North Korean schemes, including ATM cash-out operations and a bank heist.
Acting US Attorney Tracy L Wilkison for the Central District of California says: “The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering.
“The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to extract revenge and obtain money to prop up its regime.”